Over 60% of Enterprises Fail to Build Effective Cloud Security

Well over half of organisations are failing to protect their data, saying that their cybersecurity methods aren’t maintaining their changes and up-grades that cloud security requires according to Symantec.

The security giant polled 1250 IT decision-makers in 11 countries worldwide to compile its 2019 Cloud Security Threat Report.  It revealed that while 63% of enterprise workloads have now been migrated to the cloud, a similar percentage of organisations are struggling to keep pace with the expansion of cloud apps.

Most (93%) said they are having trouble keeping track of workloads and estimated that more than a third of files in the cloud shouldn’t be there. Some 83% claimed they don’t have the right processes in place to effectively manage security incidents, meaning a quarter of alerts go unaddressed.

Nearly three-quarters (73%) said they’ve experienced an incident because their cloud security isn’t mature enough, i.e. they lack controls like encryption and multi-factor authentication (MFA) and are poorly configured. Some 65% of organisations failed to implement MFA in IaaS environments and 80% don’t use encryption, according to Symantec’s Report.

As a result, they face an increased risk of insider threats, ranked by respondents as the third biggest threat to cloud infrastructure.

Sixty-nine percent of survey respondents think their data is likely already on the dark web for sale.

Nico Popp, Symantec’s senior vice-president of cloud & information protection, explained that 69% of responding organisations believe their data is already on the dark web for sale and fear an increased risk of data breaches because of their cloud migration.

“The adoption of new technology has almost always led to gaps in security, but we’ve found the gap created by cloud computing poses a greater risk than we realise, given the troves of sensitive and business-critical data stored in the cloud,” he added.

“Data breaches can have a clear impact on enterprises’ bottom line, and security teams are desperate to prevent them. However, it’s not the underlying cloud technology that has exacerbated the data breach problem, it’s the immature security practices, overtaxed IT staff and risky end-user behavior surrounding cloud adoption.”

Symantec:            Infosecurity

You Might Also Read: 

Is The Cloud Skills Gap A Problem?:

 

 

« Cyberwar Between Nation-States Damages Business
Pakistan Clashes With India In Cyberspace »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DoD Cyber Crime Center (DC3)

DoD Cyber Crime Center (DC3)

DC3 is a US Department of Defense (DoD) center of excellence for Digital and Multimedia forensics.

High-Tech Bridge

High-Tech Bridge

High-Tech Bridge SA is a Swiss MSSP provider offering security auditing, source code review and computer forensics.

ISTQB

ISTQB

ISTQB has defined the "ISTQB Certified Tester" scheme that has become the world-wide leader in the certification of competences in software testing.

Roke Manor Research

Roke Manor Research

Roke is a world-class electronics engineering consultancy. Areas of expertise include cyber security, cyber assurance and cryptographic solutions.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

RangeForce

RangeForce

RangeForce delivers the only integrated cybersecurity simulation and skills analysis platform that combines a virtual cyber range with hand-on training.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

Base Cyber Security

Base Cyber Security

Base Cyber Security is an information and cyber security talent service provider and career specialist.

Cyber@StationF

Cyber@StationF

Cyber@StationF is an up to 6 months international startup acceleration programme, whose members provide solutions for the Cybersecurity industry.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

Axur

Axur

Discover and eliminate digital fraud and risks on the web. Utilize Axur’s entire AI potential, along with thousands of bots dispersed throughout the surface web as well as the deep and dark web.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

Kodem Security

Kodem Security

Our mission is to make AppSec simple. Meet the world’s first dynamic software composition analysis platform. Only Kodem uses runtime intelligence to determine application risk.

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.

SPYROS Information & Technology Consulting

SPYROS Information & Technology Consulting

SPYROS specializes in providing highly qualified professionals in Computer Network Operations, Signals Intelligence, Technical Training and Certifications, Network Administration and Security.